Monday, March 26, 2007

meme: identity and access management

The hammer and anvil of "security" and "compliance" are coming together - finally - to create opportunities for software companies. And consultants. Don't forget the consultants.

But I digress.

I say "finally" because I was talking about this about eight years ago back in my Teleran days. Back then, we talked about iSight and iGuard as vehicles for tracking and controlling how users accessed relational databases. We even won a nice award for our work. Some guy from Microsoft is still pissed that he got beaten by us that day.

Jump ahead eight years. Companies like Centrify and Preemptive are actively promoting solutions to detect "improper usage" of applications. I'm particularly keen on Preemptive's approach for detecting attempts to tinker with deployed software assets, a solution that leverages their deep experience in code obfuscation.

Even my old pals at MVSN are getting in the game, with a solution for the games space that embeds Update Service (oops, "FLEXnet Connect") in games so publishers can update them remotely. . .and figure out what sort of exposure their games have to P2P distribution. Assuming pirates aren't smart enough to remove the updating software before re-distributing it, of course.

I'm sure there are many more solutions out there whose sole purpose in life is to tell you that someone is messing with your stuff. Any other products come to mind?

Psycho: You just made the list, buddy. Also, I don't like no one touching my stuff. So just keep your meathooks off. If I catch any of you guys in my stuff... I'll kill ya. And I don't like nobody touching me. Any of you homos touch me... I'll kill ya.

Sergeant Hulka: Lighten up, Francis. We're all in this together. One of these men may save your life one of these days, you understand that?